practice exams:

CEH-001 question 105 discussion

CEH-001 question 105 discussion

CEH-001 question 105 discussion

Michael is a junior security analyst working for the National Security Agency (NSA) working
primarily on breaking terrorist encrypted messages. The NSA has a number of methods
they use to decipher encrypted messages including Government Access to Keys (GAK)
and inside informants. The NSA holds secret backdoor keys to many of the encryption
algorithms used on the Internet. The problem for the NSA, and Michael, is that terrorist
organizations are starting to use custom-built algorithms or obscure algorithms purchased
from corrupt governments. For this reason, Michael and other security analysts like him
have been forced to find different methods of deciphering terrorist messages. One method
that Michael thought of using was to hide malicious code inside seemingly harmless
programs. Michael first monitors sites and bulletin boards used by known terrorists, and
then he is able to glean email addresses to some of these suspected terrorists. Michael
then inserts a stealth keylogger into a mapping program file readme.txt and then sends that
as an attachment to the terrorist. This keylogger takes screenshots every 2 minutes and
also logs all keyboard activity into a hidden file on the terrorist's computer. Then, the
keylogger emails those files to Michael twice a day with a built in SMTP server. What
technique has Michael used to disguise this keylogging software?